using Org.BouncyCastle.Utilities; using System; namespace Org.BouncyCastle.Crypto.Modes { public class CtsBlockCipher : BufferedBlockCipher { private readonly int m_blockSize; public CtsBlockCipher(IBlockCipher cipher) : this(EcbBlockCipher.GetBlockCipherMode(cipher)) { } public CtsBlockCipher(IBlockCipherMode cipherMode) { if (!(cipherMode is CbcBlockCipher) && !(cipherMode is EcbBlockCipher)) throw new ArgumentException("CtsBlockCipher can only accept ECB, or CBC ciphers"); m_cipherMode = cipherMode; m_blockSize = cipherMode.GetBlockSize(); buf = new byte[m_blockSize * 2]; bufOff = 0; } public override int GetBlockSize() { return m_blockSize; } public override int GetOutputSize(int length) { return bufOff + length; } public override int GetUpdateOutputSize(int length) { return BufferedCipherBase.GetFullBlocksSize(bufOff + length - 1, buf.Length); } public override int ProcessByte(byte input, byte[] output, int outOff) { int result = 0; if (bufOff == buf.Length) { Check.OutputLength(output, outOff, m_blockSize, "output buffer too short"); result = m_cipherMode.ProcessBlock(buf, 0, output, outOff); Array.Copy(buf, m_blockSize, buf, 0, m_blockSize); bufOff = m_blockSize; } buf[bufOff++] = input; return result; } public override int ProcessBytes(byte[] input, int inOff, int length, byte[] output, int outOff) { if (length < 1) { if (length < 0) throw new ArgumentException("Can't have a negative input length!"); return 0; } int num = 0; int num2 = buf.Length - bufOff; if (length > num2) { int updateOutputSize = GetUpdateOutputSize(length); Check.OutputLength(output, outOff, updateOutputSize, "output buffer too short"); Array.Copy(input, inOff, buf, bufOff, num2); inOff += num2; length -= num2; if (output == input && Arrays.SegmentsOverlap(outOff, m_blockSize, inOff, length)) { input = new byte[length]; Array.Copy(output, inOff, input, 0, length); inOff = 0; } num = m_cipherMode.ProcessBlock(buf, 0, output, outOff); Array.Copy(buf, m_blockSize, buf, 0, m_blockSize); bufOff = m_blockSize; while (length > m_blockSize) { num += m_cipherMode.ProcessBlock(buf, 0, output, outOff + num); Array.Copy(input, inOff, buf, 0, m_blockSize); inOff += m_blockSize; length -= m_blockSize; } } Array.Copy(input, inOff, buf, bufOff, length); bufOff += length; return num; } public override int DoFinal(byte[] output, int outOff) { try { Check.DataLength(bufOff < m_blockSize, "need at least one block of input for CTS"); Check.OutputLength(output, outOff, bufOff, "output buffer too short"); if (forEncryption) { m_cipherMode.ProcessBlock(buf, 0, buf, 0); for (int i = bufOff; i < buf.Length; i++) { buf[i] = buf[i - m_blockSize]; } for (int j = m_blockSize; j < bufOff; j++) { buf[j] ^= buf[j - m_blockSize]; } m_cipherMode.UnderlyingCipher.ProcessBlock(buf, m_blockSize, output, outOff); Array.Copy(buf, 0, output, outOff + m_blockSize, bufOff - m_blockSize); } else { m_cipherMode.UnderlyingCipher.ProcessBlock(buf, 0, buf, 0); for (int k = m_blockSize; k < bufOff; k++) { byte b = buf[k - m_blockSize]; buf[k - m_blockSize] = buf[k]; buf[k] ^= b; } m_cipherMode.ProcessBlock(buf, 0, output, outOff); Array.Copy(buf, m_blockSize, output, outOff + m_blockSize, bufOff - m_blockSize); } return bufOff; } finally { Reset(); } } } }